
11 matches found

OSV
added 2026/04/22 10:9 p.m., 2 views

GHSA-JXPF-XQ2M-Q525 OpenMcdf has an Infinite loop DoS via crafted CFB directory cycle

Summary: OpenMcdf does not detect cycles in the directory entry red-black tree of a Compound File Binary (CFB) document. A crafted CFB file with a cycle in the LeftSiblingID / RightSiblingID chain causes Storage.EnumerateEntries and Storage.OpenStream to loop indefinitely, consuming the calling thre...

CVSS: 6.2, AI score: 5.8, EPSS: 0.00187
Exploits: 1, References: 5
Snyk
added 2026/03/11 8:43 p.m., 4 views

Uncaught Exception

Overview: Affected versions of this package are vulnerable to Uncaught Exception in the ClientImpl::openstream function when processing the Content-Length response header in the streaming API. An attacker can cause the client process to crash by sending a malformed or excessively large...

CVSS: 8.7, AI score: 5.8, EPSS: 0.00453
Exploits: 1, References: 2
Tenable Nessus
added 2025/08/27 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2019-10648

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Robocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an...

CVSS: 9.8, AI score: 8.2, EPSS: 0.02226
Exploits: 0, References: 2
BDU FSTEC
added 2023/09/16 12:0 a.m., 5 views

The vulnerability of the open_stream function in the file conversion utility for files with the .fig and .fig2dev extensions allows a malicious actor to cause a service failure by writing beyond the buffer boundaries in memory.

The vulnerability of the openstream function in the file conversion utility for files with the .fig and .fig2dev extensions is related to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVSS: 5.5, AI score: 6, EPSS: 0.00748
Exploits: 1, References: 3, Affected Software: 2
OSV
added 2022/01/28 11:3 a.m., 4 views

OESA-2022-1509 transfig security update

The transfig utility creates a makefile which translates FIG (created by xfig) or PIC figures into a specified LaTeX graphics language (for example, PostScript(TM)). Transfig is used to create TeX documents which are portable (i.e., they can be printed in a wide variety of environments). Security Fixes: ...

CVSS: 5.5, AI score: 6.8, EPSS: 0.00748
Exploits: 2, References: 3
CNNVD
added 2022/01/12 12:0 a.m., 3 views

Xfig Buffer Error Vulnerability

Xfig is a charting tool. A utility program for converting XFig graphic files. A security vulnerability exists in Xfig that stems from a segmentation error in the openstream function in readpics.c...

CVSS: 5.5, AI score: 5.7, EPSS: 0.00748
Exploits: 1, References: 2
Positive Technologies
added 2019/03/30 12:0 a.m., 3 views

PT-2019-11963

Name of the Vulnerable Software and Affected Versions: Robocode versions prior to 1.9.3.6. Description: The issue allows remote attackers to cause external service interaction, specifically DNS queries, by leveraging a .openStream call within java.net.URL. This can be demonstrated by a query for a...

CVSS: 10, AI score: 6.8, EPSS: 0.02226
Exploits: 0, References: 17
OSV
added 2018/11/12 5:29 a.m., 3 views

CVE-2018-19194

An issue was discovered in XiaoCms 20141229. /admin/index.php?c=database allows full path disclosure in a "failed to open stream" error message...

CVSS: 5.3, AI score: 5.8, EPSS: 0.00937
Exploits: 1, References: 1
BDU FSTEC
added 2015/06/18 12:0 a.m., 2 views

The vulnerability of the Windows operating system allows a malicious individual to obtain user authentication information.

The vulnerability of the Windows operating system exists in the implementation of system calls such as URLDownloadA, URLDownloadW, URLDownloadToCacheFileA, URLDownloadToCacheFileW, URLDownloadToFileA, URLDownloadToFileW, URLOpenStream, and URLOpenBlockingStream. During these calls, the operating...

CVSS: 7.1, AI score: 5.6
Exploits: 0, References: 3
myhack58
added 2013/04/17 12:0 a.m., 50 views

PHP file include vulnerability details (including the truncated method) - vulnerability warning - the black bar safety net

One: what is a "remote file inclusion vulnerability"? The answer is: the server includes arbitrary files through a feature of a PHP function, and because the source of the file to be included is not strictly filtered, a malicious file can be included, and we can construct the malicious file to...

AI score: 7.4
Exploits: 0
myhack58
added 2006/01/01 12:0 a.m., 73 views

Plogger exploit method! - Vulnerability warning - the black bar safety net

http://www.hackeroo.com/ Plogger is a PHP-based web diary program. Plogger does not filter user-submitted URI data, and the vulnerability can be exploited to execute arbitrary commands with WEB permissions. The vulnerability is in the 'plog-admin-functions.php' script: the user-submitted 'configbasedir' parameter is no...

Exploits: 0